|
Hi Roman.
Am 02.12.2013 10:15, schrieb Roman Pavlik:
Simon,
I did the same configuration just two day ago and it works like a
charm. But the proxy module of lighttd was used. You can do it by
this way:
- in modules.conf uncomment line, where
proxy-modul configuration is loaded:
include "conf.d/proxy.conf"
- open conf.d/proxy.conf and write your configuration:
# for IPv4
$SERVER["socket"] == "87.106.189.5:11371" {
proxy.server = ( "" => ( ( "host" => "127.0.0.1",
"port" => 11371 )))
setenv.add-response-header = ( "Via" => "1.1
keys.s-l-c.biz:11371 (lighttpd)" )
accesslog.filename = "/var/log/lighttpd" # logging
disabled; you can specify the log file here if you like
}
- comment out your redirect configuration, describe in your
mail
- restart lighttpd
Hope, this help.
Thanks but it WONT help. Seems you didnt read my mail, because you
just suggested EXACTLY the configuration i am using! And as i also
wrote: No, it does NOT work anymore for gpg which is a major fail,
since thats why we run the servers.
Regards,
--
Roman Pavlik
best regards
Simon
Simon Lange píše v Po 02. 12. 2013 v 09:08 +0100:
Hi all,
sks running fine.
but
if u put it behind a lighttpd reverse proxy for ports 11370 and 11371 it
wont work anymore.
11370 (recon) isnt operational anymore. communication is broken.
connection establishes but the communication itself does not work. sks
and company do not understand eachother anymore if a lighttpd reverse
proxy is between them.
11371 almost same. gpg client does not work anymore. a keysearch with
gpg wont find ANYTHING anymore as long the lighttpd reverse proxy is
between. only via browser (firefox, chrome, IE, ...) it works. same for
443 reverseproxy to 11371.
sks without any reverse proxy for ports 11370 and 11371 works perfectly.
gpg finds everything again and recon runs as it always did.
for me it seems just proxying the connection through lighttpd seems not
be enough for gpg or sks(recon). so what is it that gpg/sks got a
problem with?
the lighttpd reverse proxy is correctly configured. every connection to
that ports is proxied to the daemon running on 127.0.0.1
any ideas?
some information:
sks 1.1.4
lighttpd 1.4.30
http://keys.s-l-c.biz:11371/pks/lookup?op=stats
you can see the recon gap on dec 1st 2013. this happened when the recon
port was behind reverse proxy.
11371 is currently behind reverseproxy. its reachable also via :80 and
:443 with hostname keys.s-l-c.biz
configuration snippet (lighttpd):
server.reject-expect-100-with-417 = "disable"
$SERVER["socket"] == "87.106.189.5:11371" {
server.name = "keys.s-l-c.biz"
accesslog.filename =
"/var/log/lighttpd/keys.s-l-c.biz-access-11371.log"
proxy.server = ( "" => (( "host" => "127.0.0.1", "port" => 11371
) ) )
setenv.add-response-header = ( "Via" => "1.1
keys.s-l-c.biz:11371 (lighttpd)" )
}
#same configuration i tried for 11370 (ofcourse with changed ports).
any help is welcome
regards
Simon
_______________________________________________
Sks-devel mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/sks-devel
--
________________________________________________________
Simon Lange Consulting - Gaudystr. 6 - DE-10437 Berlin
Telefon: +49(0)30/89757206 Mobil: +49(0)151/22640160
----------------------------------------http://s-l-c.biz
|